ID | Votes | Profile Description |
---|---|---|
Sandworm | 4 | Sandworm, a threat actor linked to Russia, has been implicated in numerous high-profile cyber attacks. This group's activities have primarily targeted Ukraine, compromising the country's critical infrastructure and telecommunications providers. The Sandworm group is known for its fileless attack met |
BlackEnergy | 4 | BlackEnergy is a potent malware toolkit that has been utilized by criminal and Advanced Persistent Threat (APT) actors since 2007. Its destructive capabilities were notably demonstrated in Ukraine where it was used for cyber-espionage, compromising industrial control systems, and launching attacks a |
ID | Type | Votes | Profile Description |
---|---|---|---|
Kapeka | is related to | 3 | Kapeka is a previously unknown backdoor malware that has been linked to the Russian Sandworm Advanced Persistent Threat (APT) group. As a malicious software, Kapeka is designed to exploit and damage computer systems, often infiltrating them through suspicious downloads, emails, or websites without t |
Prestige | Unspecified | 2 | Prestige is a type of malware attributed to the Russia-linked Advanced Persistent Threat (APT) group, Sandworm. This malicious software was used in ransomware attacks against Ukrainian and Polish logistics companies in October 2022. The deployment of Prestige coincided with reported instances of ran |
Prestige Ransomware | Unspecified | 1 | The Prestige ransomware is a type of malware that had not been observed by Microsoft prior to its deployment. It is a malicious software designed to exploit and damage computer systems, often infiltrating through suspicious downloads, emails, or websites. Once inside a system, it can steal personal |
NotPetya | Unspecified | 1 | NotPetya is a notorious malware that was unleashed in 2017, primarily targeting Ukraine but eventually impacting systems worldwide. This malicious software, which initially appeared to be ransomware, was later revealed to be data destructive malware, causing widespread disruption rather than seeking |
Industroyer | Unspecified | 1 | Industroyer, also known as CrashOverride, is a potent malware specifically designed to target Industrial Control Systems (ICS) used in electrical substations. It first gained notoriety for its role in the 2016 cyberattack on Ukraine's power grid, which resulted in a six-hour blackout in Kyiv. The ma |
ID | Type | Votes | Profile Description |
---|---|---|---|
No associations to display |
ID | Type | Votes | Profile Description |
---|---|---|---|
No associations to display |
Source | CreatedAt | Title |
---|---|---|
Securityaffairs | 3 months ago | Previously unknown Kapeka backdoor linked to Sandworm APT |
DARKReading | 3 months ago | Dangerous New ICS Malware Targets Orgs in Russia and Ukraine |
BankInfoSecurity | 3 months ago | Likely Sandworm Hackers Using Novel Backdoor 'Kapeka' |
ESET | a year ago | RansomBoggs: New ransomware targeting Ukraine | WeLiveSecurity |